I was thinking about doing this with a new test box to see how difficult it would be. I imagine if you are already in the network and have already compromised it then this just might be salt in the wound for the system admins. Still nifty though.